ÀÎÅͳÝÀ̳ª ³ª¹µÀÙÃ¥À¸·Î ¼ö½Ê¹ø º¸¸ç ºñ±³¸¦ Çߴµ¥
´õÀÌ»ó Ʋ¸°°÷ÀÌ ¾ø´Â°Å °°Àºµ¥ ÀÎÁ§¼ÇÀÌ ¾ÈµË´Ï´Ù.
¿¡·¯³ª ¿ö´×µµ ¾ø°í ±×³É ³¡±îÁö ½ÇÇàÀº µÇ´Âµ¥ ÀÎÁ§¼Ç ±â´ÉÀÌ ¾ÈµÇ¿ä
´Ù¸¥ ÇÁ·Î±×·¡¹Ö Ä«Æä¿¡¼µµ µµ¿òÀ» ûÇߴµ¥ ÇØ°áÀ» ¸øÇÏ¿© Ȥ½Ã³ªÇؼ Áú¹® µå¸³¤¤´Ù!
void injection(DWORD dwPid, LPCTSTR szDllPath)
{
HANDLE hProcess, hThread;
HMODULE hKernel32;
LPTHREAD_START_ROUTINE pThreadProc;
LPVOID pLibbuf;
//PROCESSENTRY32 pe = { sizeof(pe) }; // Ãß°¡·Î ½ÃµµÇغ» °Í
int nLen= strlen(szDllPath)+1;
//pe.th32ProcessID = dwPid; // Ãß°¡·Î ½ÃµµÇغ» °Í
if ( !(hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid)) )
{
printf("failed");
}
pLibbuf = VirtualAllocEx(hProcess, NULL, nLen, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
WriteProcessMemory(hProcess, pLibbuf, (LPVOID)szDllPath, nLen, NULL);
hKernel32 = GetModuleHandle("kernel32.dll");
pThreadProc = (LPTHREAD_START_ROUTINE)GetProcAddress(hKernel32, "LoadLibraryA");
hThread = CreateRemoteThread(hProcess, NULL, 0, pThreadProc, pLibbuf, 0, NULL);
WaitForSingleObject(hThread,INFINITE);
CloseHandle(hThread);
CloseHandle(hProcess);
}
¸ÞÀÎÇÔ¼ö
DWORD dwPid;
char dll_path[20];
printf("ÇÁ·Î¼¼½º ID¸¦ ÀÔ·ÂÇϼ¼¿ä");
scanf("%d",&dwPid);
printf("dll°æ·Î¸¦ ÀÔ·ÂÇϼ¼¿ä");
scanf("%s",dll_path);
injection(dwPid,dll_path); |
22018, 
1/1101 
